Looking up patients on Facebook

I would consider it a HIPAA violation because these students/nurses are using a patient's protected health information (name) for personal use. PHI should only be accessed and used on a need to know basis by team members who are currently assigned to the treatment team, and only for therapeutic purposes.

If nothing else, it is a violation of patient privacy and professional boundaries. I don't want my care team reading about my personal life and looking at pictures of me if I am in the vulnerable position of patient. Anything that could harm a therapeutic nurse-patient relationship should be avoided. Nurses shouldn't pursue personal relationships with patients - even if said relationship is just creepy online lurking out of curiousity.

Seems silly. I would never do that... unless they’re hot!!! Just kidding. I’m old and find no joy in life or virtual life.

Hipaa protects the release of protected medical information. It’s not a violation to look up someone on Facebook unless you are releasing protected medical information. Rules govern what you can and can’t do so if you want to know if it’s actually breaking a rule, look up your handbook to see if there’s a policy about it. While not an actual hipaa thing, I’d leave it alone. Better safe then embarrassed. Your hospital might very well have a policy forbidding this activity.

Patient names are PHI.

All your actions on facebook are disseminated.

But what if your patient is a famous person? I often get famous/rich people at my workplace. I once had a model come through but I had never heard of her, googled her and saw she had millions of followers. Sometimes when a doctor sends us a VIP patient I need a little background on the person to know who I'm dealing with. And FYI we treat ALL our patients as VIP since it is concierge practice, but some patients will go ahead and tell me they're actors/comedians/etc (or assume you know who they are!) I don't feel like I'm violating HIPAA as long as I'm not telling the world XYZ was my patient and she got liposuction and a tummy tuck!

On 4/20/2019 at 6:25 PM, Hoosier_RN said:

I'm more on concerned with the patients that send me friend requests, and try to get my info, then get upset when I tell them no, because it's against policy and my personal boundary rules

This is one reason why my fb page doesn't have my legal name.

I try not to use my legal name on social media as well! Usually some variation of my name so someone can't search it.

On 4/20/2019 at 10:04 AM, aprilmoss said:

I'll have to disagree here. Once you expose a patients name on a computer outside the clinical environment you've likely violated your facility's HIPAA policies. The name of a patient is very much PHI.

What do you mean expose a patient’s name? Searching a name does not “expose” them. It does not expose them to being a patient anywhere, much less your patient.

If they have a public Facebook, Twitter, or Instagram account, they are exposed to the world. Now, if you openly state anywhere that John Doe was your patient at work today, that’s another story. Or you said you saw John Doe at your hospital today. But searching people in your private home, on your private computer is not a HIPAA violation.

I think people think Facebook holds much more power than it actually does. Yes, Facebook sells our information to advertisers. And if you leave your location setting on, it knows where you are. I turn mine off for that reason. Facebook does not know I am a nurse, where I work, or any of my patients. My patients don’t know my last name. There can’t be a connection.

My microphone is also turned off on my phone. And my social media is locked down. I’ve tried googling myself numerous times. I’m not searchable.

Again, it’s not a HIPAA violation. HIPAA covers what we can and cannot do with medical information. What if one of your friends or their family members ended up in your hospital? And you are friends with this person on Facebook. Is that a HIPAA violation? Of course not.

People considering each and every interaction outside of the hospital a HIPAA violation has gotten out of hand.

I'm going to be graduating soon and do not use my last name on facebook. I google searched my name, etc and found nothing. The other day I realized that to log into fb, you need an email address. I google searched my email address (which would be on my resume) and found my fb page, common user names, etc. Soooo, try searching that and see if everything is really locked down tight, mine wasn't as tight as I thought

Also, a coworker doesn't have a picture of herself on fb and has her middle name as her user name. She continued to get a coworker (who couldn't have searched for her with that name) and that she did not search either - as a person you may know. Simply because fb saw that their phones were on fb near each other enough times. So you may end up on a person you may know's search simply due to proximity as far as I am aware. Either way, not a HIPAA violation but eh. you do you I guess.

44 minutes ago, rnhopeful82 said:

I'm going to be graduating soon and do not use my last name on facebook. I google searched my name, etc and found nothing. The other day I realized that to log into fb, you need an email address. I google searched my email address (which would be on my resume) and found my fb page, common user names, etc. Soooo, try searching that and see if everything is really locked down tight, mine wasn't as tight as I thought

Also, a coworker doesn't have a picture of herself on fb and has her middle name as her user name. She continued to get a coworker (who couldn't have searched for her with that name) and that she did not search either - as a person you may know. Simply because fb saw that their phones were on fb near each other enough times. So you may end up on a person you may know's search simply due to proximity as far as I am aware. Either way, not a HIPAA violation but eh. you do you I guess.

Really amazing, isn't it??????

So, taking that notion further, if you are carrying your phone in your pocket near a patient who has their phone in their room, you could potentially get that same "you may know" message. To an outside person, this still shouldn't put a thought of "gee, I wonder if person B was a patient of person A. Now I know person B's private health information!" It's just not PHI in that scenario.

16 hours ago, Horseshoe said:

Really amazing, isn't it??????

So, taking that notion further, if you are carrying your phone in your pocket near a patient who has their phone in their room, you could potentially get that same "you may know" message. To an outside person, this still shouldn't put a thought of "gee, I wonder if person B was a patient of person A. Now I know person B's private health information!" It's just not PHI in that scenario.

That's my point. People show up on my people I may know tat I have no idea who they are sometimes, it wouldn't constitute PHI then.

21 minutes ago, rnhopeful82 said:

That's my point. People show up on my people I may know tat I have no idea who they are sometimes, it wouldn't constitute PHI then.

Yeah, I was agreeing with you/disputing some other posts which insist that a person's name is PHI.